CVE-2025-11738: CWE-73 External Control of File Name or Path in dglingren Media Library Assistant
The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can contain sensitive information.
AI Analysis
Technical Summary
CVE-2025-11738 is a vulnerability identified in the Media Library Assistant plugin for WordPress, affecting all versions up to and including 3.29. The issue is due to improper handling of file names or paths in the mla-stream-image.php file, classified under CWE-73 (External Control of File Name or Path). This flaw allows unauthenticated attackers to perform limited arbitrary file reading, specifically targeting AI, EPS, PDF, and PS file types stored on the server. The vulnerability does not require any authentication or user interaction, making it remotely exploitable over the network. Attackers can leverage this to access sensitive documents that may contain confidential or proprietary information, potentially leading to data leakage. The CVSS v3.1 base score is 5.3, reflecting a medium severity level, primarily due to the confidentiality impact without affecting integrity or availability. No patches or official fixes have been linked yet, and no known exploits have been reported in the wild. The vulnerability's exploitation vector is network-based with low attack complexity, increasing the risk for exposed WordPress sites using this plugin. Given the widespread use of WordPress and this plugin, the vulnerability poses a notable risk to organizations relying on these technologies for content management and media handling.
Potential Impact
The primary impact of CVE-2025-11738 is unauthorized disclosure of sensitive files stored on web servers running the vulnerable Media Library Assistant plugin. Organizations may suffer confidentiality breaches if attackers access proprietary documents, intellectual property, or sensitive client data contained within AI, EPS, PDF, or PS files. Although the vulnerability does not allow file modification or deletion, the exposure of sensitive information can facilitate further attacks such as social engineering, corporate espionage, or regulatory non-compliance. The ease of exploitation without authentication increases the threat surface, especially for publicly accessible WordPress sites. This can lead to reputational damage, legal liabilities, and loss of customer trust. The scope is broad due to the plugin's popularity, affecting small businesses, enterprises, and government websites using WordPress. The lack of known exploits in the wild currently limits immediate widespread impact, but the vulnerability remains a significant risk if weaponized by attackers.
Mitigation Recommendations
1. Immediately restrict access to mla-stream-image.php by implementing web server rules (e.g., .htaccess or nginx configuration) to block unauthorized requests or limit access to trusted IP addresses.
2. Deploy Web Application Firewall (WAF) rules that detect and block attempts to exploit path traversal or arbitrary file read patterns targeting this plugin.
3. Monitor web server logs for unusual requests to mla-stream-image.php or access to AI, EPS, PDF, and PS files that could indicate exploitation attempts.
4. If possible, disable or remove the Media Library Assistant plugin until a security patch is released.
5. Follow vendor advisories closely and apply official patches or updates as soon as they become available.
6. Conduct an audit of sensitive files stored on the server to ensure minimal exposure and consider relocating sensitive documents outside the web root.
7. Educate site administrators about the risks and signs of exploitation related to this vulnerability.
8. Implement least privilege principles for file permissions to reduce the impact of unauthorized file access.
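As an added example for recommendations 2 and 3 (not code from the advisory or from the plugin), the following Python scans combined-format (Apache/nginx) access logs for requests to mla-stream-image.php and flags traversal sequences or requests for the file types the advisory names. The log lines, IP addresses and the `file` query parameter name are constructed placeholders, not the plugin's real interface.

```python
import re
from urllib.parse import unquote

# Combined access-log format; only the fields the detection needs are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
# Traversal sequence, checked on the decoded path so percent-encoded
# variants (%2e%2e%2f, double-encoded %252e) are not missed.
TRAVERSAL_RE = re.compile(r'\.\.[/\\]')
# File types the advisory says the endpoint can be made to read.
SENSITIVE_EXT_RE = re.compile(r'\.(?:ai|eps|pdf|ps)(?:$|[?&#])', re.IGNORECASE)

def classify_request(line):
    """Return a finding dict for a request to mla-stream-image.php, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    raw_path = m.group('path')
    decoded = unquote(unquote(raw_path))  # two passes catch double encoding
    if 'mla-stream-image.php' not in decoded.lower():
        return None
    reasons = []
    if TRAVERSAL_RE.search(decoded):
        reasons.append('path-traversal')
    if SENSITIVE_EXT_RE.search(decoded):
        reasons.append('sensitive-extension')
    if reasons and m.group('status') == '200':
        reasons.append('served-200')  # the server answered, not just probed
    severity = 'high' if 'path-traversal' in reasons else 'medium' if reasons else 'info'
    return {'ip': m.group('ip'), 'ts': m.group('ts'), 'status': int(m.group('status')),
            'path': raw_path, 'reasons': reasons, 'severity': severity}

def scan_log(lines):
    """Classify every line, keeping only requests that hit the endpoint."""
    return [f for f in (classify_request(l) for l in lines) if f]

# Constructed sample log (IPs, timestamps, paths and the 'file' parameter are made up).
SAMPLE_LOG = """\
203.0.113.7 - - [18/Oct/2025:05:49:55 +0000] "GET /wp-content/plugins/media-library-assistant/mla-stream-image.php?file=../../../private/contracts.pdf HTTP/1.1" 200 58231
203.0.113.7 - - [18/Oct/2025:05:50:01 +0000] "GET /wp-content/plugins/media-library-assistant/mla-stream-image.php?file=%2e%2e%2f%2e%2e%2fuploads/brief.ps HTTP/1.1" 404 0
198.51.100.3 - - [18/Oct/2025:05:51:10 +0000] "GET /wp-content/plugins/media-library-assistant/mla-stream-image.php?file=2025/10/flyer.ai HTTP/1.1" 200 1024
198.51.100.9 - - [18/Oct/2025:05:52:00 +0000] "GET /wp-content/uploads/2025/10/logo.png HTTP/1.1" 200 4096
"""

if __name__ == '__main__':
    for f in scan_log(SAMPLE_LOG.splitlines()):
        print(f['severity'].upper(), f['ip'], f['status'], f['reasons'], f['path'])
```

Feed real logs with `scan_log(open('/var/log/nginx/access.log'))`; a 'high' finding with 'served-200' is the combination worth escalating, since it indicates a traversal request that the server actually answered.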
Affected Countries
United States, Germany, United Kingdom, Canada, Australia, Japan, France, Netherlands, Brazil, India
Technical Details
- Data Version: 5.1
- Assigner Short Name: Wordfence
- Date Reserved: 2025-10-14T13:25:58.992Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68f32a83bd206a5487a8965d
Added to database: 10/18/2025, 5:49:55 AM
Last enriched: 2/27/2026, 7:15:29 PM
Last updated: 3/23/2026, 7:13:01 PM